Community discussions

MikroTik App
 
gfunkdave
newbie
Topic Author
Posts: 45
Joined: Tue Jan 09, 2018 12:05 am

Router is getting an ISP DNS server?

Tue May 23, 2023 11:21 pm

I have an RB5009 running 7.9.1 (though the issue happened in 7.9 too). I'm getting this random anomalous IPv6 DNS server:
[david@RoutyMcRouterson] > /ip dns print
                      servers: 1.1.1.2,1.0.0.2
              dynamic-servers: 2600:1700:7c50:3790::1
               use-doh-server:
              verify-doh-cert: no
   doh-max-server-connections: 5
   doh-max-concurrent-queries: 50
                  doh-timeout: 5s
        allow-remote-requests: yes
          max-udp-packet-size: 4096
         query-server-timeout: 2s
          query-total-timeout: 10s
       max-concurrent-queries: 100
  max-concurrent-tcp-sessions: 20
                   cache-size: 2048KiB
                cache-max-ttl: 20m
                   cache-used: 138KiB

I've turned off use-peer-dns on all the IPv6 and IPv4 DHCP clients:
/ipv6 dhcp-client
add add-default-route=yes interface=ether1 request=address use-interface-duid=yes use-peer-dns=no
add add-default-route=yes interface=vrrp1 pool-name=lan-ipv6 request=address,prefix use-interface-duid=yes  use-peer-dns=no
add add-default-route=yes interface=vrrp2 pool-name=guest-ipv6 request=address,prefix use-interface-duid=yes  use-peer-dns=no

/ip dhcp-client
add comment=defconf interface=ether1 use-peer-dns=no
So where's this address coming from? The multiple vrrps are a hack to get AT&T to give me a /64 on each vlan. They only respond with a /64 no matter what you request, but you can request multiple /64s.
Thanks for any help
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: Router is getting an ISP DNS server?

Wed May 24, 2023 12:17 am

Likely from an RDNSS option in the IPv6 router advertisments. I don't know if there is an option to ignore them.
 
gfunkdave
newbie
Topic Author
Posts: 45
Joined: Tue Jan 09, 2018 12:05 am

Re: Router is getting an ISP DNS server?

Wed May 24, 2023 5:26 am

Hmm, that’s troublesome. AT&T’s DNS is randomly hijacking queries for LAN addresses. There must be a way to ignore them. Anyone?
 
gfunkdave
newbie
Topic Author
Posts: 45
Joined: Tue Jan 09, 2018 12:05 am

Re: Router is getting an ISP DNS server?

Wed May 24, 2023 6:09 am

Update: I configured things to use SLAAC (with advertise DNS off on the /ipv6 nd) and now I don’t get that pesky DNS on my LAN.

viewtopic.php?t=181840#p902227

Who is online

Users browsing this forum: No registered users and 36 guests